TW202036350A - An integrated circuit, method and computer program - Google Patents

Publication number
TW202036350A
TW202036350A TW108141447A TW108141447A TW202036350A TW 202036350 A TW202036350 A TW 202036350A TW 108141447 A TW108141447 A TW 108141447A TW 108141447 A TW108141447 A TW 108141447A TW 202036350 A TW202036350 A TW 202036350A
Authority
TW
Taiwan
Prior art keywords
temperature
integrated circuit
area
processing area
event
Application number
TW108141447A
Other languages
Chinese (zh)
Other versions
TWI723632B (en)
Inventor
S 布萊斯
Original Assignee
美商萬事達卡國際公司
Application filed by 美商萬事達卡國際公司
Publication of TW202036350A
Application granted
Publication of TWI723632B

Classifications

    • H ELECTRICITY
    • H01 ELECTRIC ELEMENTS
    • H01L SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00 Details of semiconductor or other solid state devices
    • H01L23/57 Protection from inspection, reverse engineering or tampering
    • H01L23/576 Protection from inspection, reverse engineering or tampering using active circuits
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/75 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G11 INFORMATION STORAGE
    • G11C STATIC STORES
    • G11C7/00 Arrangements for writing information into, or reading information out from, a digital store
    • G11C7/10 Input/output [I/O] data interface arrangements, e.g. I/O data control circuits, I/O data buffers
    • G11C7/1078 Data input circuits, e.g. write amplifiers, data input buffers, data input registers, data input level conversion circuits
    • G11C7/1096 Write circuits, e.g. I/O line write drivers
    • H ELECTRICITY
    • H01 ELECTRIC ELEMENTS
    • H01L SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00 Details of semiconductor or other solid state devices
    • H01L23/34 Arrangements for cooling, heating, ventilating or temperature compensation; Temperature sensing arrangements
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science
  • Computer Hardware Design
  • Theoretical Computer Science
  • Physics & Mathematics
  • General Physics & Mathematics
  • Computer Security & Cryptography
  • Software Systems
  • General Engineering & Computer Science
  • Condensed Matter Physics & Semiconductors
  • Microelectronics & Electronic Packaging
  • Power Engineering
  • Mathematical Physics
  • Health & Medical Sciences
  • Bioethics
  • General Health & Medical Sciences
  • Semiconductor Integrated Circuits

Abstract

An integrated circuit is disclosed. The integrated circuit comprises: a processing region configured to run one instruction from a plurality of instructions; a first temperature measuring region configured to measure a first temperature within the integrated circuit in response to the processing region running the one instruction; the processing region being configured to compare the measured first temperature with a predefined temperature at the first temperature measuring region when the processing region runs the one instruction and to trigger an event when the measured first temperature exceeds the predefined temperature by a threshold value.

Description

An integrated circuit, method and computer program

This description relates to an integrated circuit, a method and a computer program.

The "background" description provided here is for the purpose of generally presenting the context of this description. Work of the presently named inventors, to the extent it is described in the background section, as well as aspects of the description that may not otherwise qualify as prior art at the time of filing, is neither expressly nor impliedly admitted as prior art against this description.

Physical attacks on semiconductor chips (such as the smart card chips of credit and charge cards, or the mobile subscriber identity cards of mobile phones) are known. In this type of attack, a hacker may try to obtain keys or other secrets stored securely in the circuitry of the semiconductor chip. This type of attack requires physical access to the chip.

In this type of attack, optical probing may take place where the chip has been thinned from the backside down to a remaining thickness of 10 μm (or less), with a laser used for the probing. In other cases, the semiconductor must be removed completely from the backside of a selected area in order to probe the metal interconnects electrically or with an electron beam. Other physical attack mechanisms require the chip to be thinned for high-resolution X-ray tomography or light emission studies.

One way to reduce the likelihood of a successful physical attack is to try to protect the backside of the semiconductor chip. However, there has been very little success in finding a protection mechanism that is not too expensive or too complicated to introduce into the integrated circuit manufacturing process.

A method is therefore needed that reduces the likelihood of a successful physical attack on a semiconductor chip without merely protecting the backside of the chip. This is the aim of this description.

According to one aspect, there is provided an integrated circuit comprising: a processing area configured to execute one instruction from a plurality of instructions; a first temperature measurement area configured to measure a first temperature within the integrated circuit when the processing area executes the instruction; the processing area being configured, when it executes the instruction, to compare the first temperature measured at the first temperature measurement area with a predetermined temperature, wherein the processing area triggers an event when the first measured temperature exceeds the predetermined temperature by a threshold.

The foregoing paragraphs have been provided by way of general introduction and are not intended to limit the scope of the following claims. The described embodiments, together with further advantages, will be best understood by reference to the following detailed description and the accompanying drawings.

Referring to the drawings, like reference numerals designate identical or corresponding parts throughout the figures.

FIG. 1 shows an integrated circuit 100 according to an embodiment of this description. The integrated circuit 100 is made of a semiconductor material such as silicon (Si) or gallium arsenide (GaAs). In the embodiments of this description, the integrated circuit 100 will be embodied in a chip (die) and PIN type credit or charge card that includes contactless technology. Accordingly, the integrated circuit 100 may comply with the EMV standard, with other standards, or with the standards ISO/IEC 7816 and ISO/IEC 14443.

Although the integrated circuit 100 contains a number of individual areas, each performing various functions that comply with these standards, FIG. 1 shows three areas for ease of explanation. More or fewer than three areas are of course envisaged.

The integrated circuit 100 includes a processing area 110 that exchanges and processes data. Typically, data is exchanged in Application Protocol Data Units (APDUs) and processed according to instructions. For example, an instruction is sent to the processing area 110, which processes it appropriately and exchanges data with the other areas of the integrated circuit 100. An instruction is a single operation of the processing area 110 taken from an instruction set containing multiple instructions, as will be understood by the skilled person.

In chip and PIN technology, an instruction may be, for example, a command. Such a command may include a generate application cryptogram command, a command for an application processing area, an external authenticate command, or a similar command. These commands, known to the skilled person, are defined by various standards such as ISO/IEC 7816-3.

It should be understood that although the commands defined above are used in chip and PIN technology, some commands, such as the external authenticate command, are used in other chip card applications (such as GSM SIM card technology compliant with ISO/IEC 7816-4). This description is therefore not limited to chip and PIN technology and applies equally to any suitable technology.

During instruction processing, the processing area 110 may process or exchange sensitive data, that is, data whose capture by a malicious third party could compromise the security of the integrated circuit 100. The sensitive data may be, for example, a key used to generate a cryptogram, or personal information about the user of the integrated circuit 100. This sensitive data may be stored in unencrypted form in a secure part of the storage area 105. For example, the key used to generate the cryptogram is stored in unencrypted form in the secure part of the storage area 105.

In operation, to approve a transaction, the processing area 110 may receive a generate application cryptogram instruction via the communication circuit 115, as an instruction from a card reader (not shown) in communication with the communication circuit 115. Along with the instruction, the processing area 110 receives other data units from the card reader, such as the transaction amount and other information relevant to approving the transaction. The processing area 110 retrieves the key from the secure part of the storage area 105 and uses it to encrypt the other data units to produce the cryptogram. The cryptogram is then passed to the communication area 115 and on to the card reader.

If a malicious third party mounts a physical attack on the integrated circuit 100, the third party can access the key on the bus 130 connecting the processing area 110 and the storage area 105 as the key is retrieved from the storage area 105. In other words, the third party can send the generate application cryptogram instruction from a card reader. In response, the unencrypted key is retrieved from the secure part of the storage area 105 and is intercepted by the third party probing the exposed interconnect electrically or with an electron beam. Indeed, if a physical attack gives direct access to the secure part of the storage area 105, the key can be retrieved directly from there. This would compromise the security of the integrated circuit 100.

When the integrated circuit 100 is manufactured, the storage area 105, the processing area 110 and the communication area 115 are formed on a semiconductor die, and heat dissipation material is arranged over them. The distribution of the heat dissipation material and its heat dissipation characteristics are controlled to ensure that no part of the integrated circuit 100 overheats, fails or becomes inoperable during operation.

The heat dissipation material can be placed anywhere on the semiconductor die, including its backside. As noted above, gaining physical access to the integrated circuit 100 involves removing at least part of the backside of the semiconductor die. This means that at least some of the heat dissipation material is removed, which changes the characteristics of the heat dissipation material in the integrated circuit 100.

In particular, once the heat dissipation material has been removed from an area, the in-situ temperature of the semiconductor die in that area rises significantly compared with an area where the material is still present. This is because the heat dissipation material dissipates heat better than direct dissipation to the surroundings does.

Therefore, in embodiments of this description, one or more temperature sensors are provided in the integrated circuit 100 to measure the temperature of at least one area during operation of the integrated circuit 100. In examples, an event is triggered when the temperature of the area exceeds a threshold. In other words, if the temperature of the area exceeds the threshold, it can be assumed that the integrated circuit 100 has suffered a physical intrusion. The event may therefore be: deleting or corrupting the data in the storage area 105 or in part of it (such as the secure storage part), destroying the processing area 110, or releasing false data from the secure part to obfuscate the sensitive data, and so on. In other words, the event prevents the hacker from obtaining the sensitive information.

As noted above, the storage area 105 and the processing area 110 are the areas of the integrated circuit 100 on the semiconductor die to which a hacker wants to gain physical access. Specifically, and without limitation to the embodiments, the secure part of the storage area 105 and the area of the processing area 110 that communicates with the secure part are the areas that a physical hacker particularly wants to access.

A first temperature sensor 120 is therefore fabricated on the secure area of the storage area 105, and a second temperature sensor 125 is fabricated on the processing area 110. In other words, in the embodiments, the first temperature sensor 120 and the second temperature sensor 125 are located on areas of the integrated circuit 100 that may be exposed or altered during a physical attack. This description is of course not so limited, and a sensor can be located anywhere on the integrated circuit 100, such as an area that is less likely to be targeted, to provide a background temperature reading. The temperature sensors are fabricated using known techniques, which may include reusing transistors already fabricated in these areas. For brevity, because methods of fabricating temperature sensors on a semiconductor die and integrated circuit 100 are known, they are not explained in detail below.

In the event of a physical intrusion, because the heat dissipation material on the semiconductor die has been removed, the temperatures measured by the first temperature sensor 120 and the second temperature sensor 125 will both exceed the temperature of the area when the material has not been removed. In particular, with the heat dissipation material present, for a given instruction executed by the processing area 110 and a given ambient temperature, the temperature measured by the first temperature sensor 120 and/or the second temperature sensor 125 is well defined. In other words, with the heat dissipation material present, the temperature rise of the processing area 110 and/or of the secure area of the storage area 105 when the processing area 110 executes a particular instruction is well defined.

During a physical attack, however, in an area where the heat dissipation material has been removed, damaged or destroyed in any way, the temperature measured by the first temperature sensor 120 and/or the second temperature sensor 125 for a given instruction will differ markedly from the expected value.

Therefore, in embodiments of this description, a physical attack can be identified if, for a given instruction, the temperature measured by the first temperature sensor 120 and/or the second temperature sensor 125 is higher than the expected temperature by a predetermined amount.

FIG. 2 shows an integrated circuit 100 according to an embodiment. The integrated circuit 100 of FIG. 2 contains several parts already described with reference to FIG. 1. These parts carry the same reference numerals, and the reader is referred to the discussion of FIG. 1. In addition, a third temperature sensor 210 is provided in the communication circuit 115, and a fourth temperature sensor 205 is provided in the non-secure part of the storage area 105.

In general, the heat dissipation material around the communication circuit 115 remains unaffected during a physical attack. This means that the third temperature sensor 210 can measure the ambient temperature, or background temperature, of the integrated circuit 100. This description is of course not so limited: to measure the ambient temperature of the integrated circuit 100, the third temperature sensor 210 can be placed at any position in the integrated circuit 100 where a physical attack is less likely.

As noted above, a fourth temperature sensor 205 is provided in the non-secure part of the storage area 105. Like the communication circuit 115, the non-secure part of the storage area 105 is less likely to be intruded upon, and the heat dissipation material around it usually remains intact. The fourth temperature sensor 205 can therefore also be used to measure the ambient temperature of the integrated circuit 100.

It should be noted that providing one or more ambient temperature sensors is optional.

FIG. 3 shows a flowchart 300 describing an embodiment of this description. The flowchart 300 is carried out in the integrated circuit 100 of the embodiments using software stored in the storage area 105.

The flowchart 300 starts at step 305. The process moves to step 310, where the processing area 110 executes an instruction. One example instruction is the application cryptogram instruction received from a card reader in communication with the communication circuit 115. As the instruction is executed by the processing area 110, the processing area 110 polls the first temperature sensor 120 and receives the temperature it measures. This is step 315. The process then moves to step 320, where the processing area 110 polls the second temperature sensor 125 and receives the temperature it measures. It is of course envisaged that the processing area 110 may poll the third temperature sensor 205 and/or the fourth temperature sensor 210 in addition to, or instead of, the first temperature sensor 120 and the second temperature sensor 125. In other words, it is envisaged that a first temperature reading will come from an area more likely to be damaged during a physical attack, and a second temperature reading will come from another area that is either more likely or less likely to be damaged.

The processing area 110 then determines the difference between the first and second temperatures. This is step 325. The process moves to step 330, where a check establishes whether the difference between the first and second temperatures exceeds a threshold temperature. This is described in more detail with reference to FIG. 4. In the event that the difference exceeds the threshold temperature, that is, a physical attack is detected, the "yes" path is followed to step 335 and, as explained above, an event is carried out, such as deleting at least the secure part of the storage area 105. The process then moves to step 340, where the flowchart ends.

Returning to step 330, if the temperature difference does not exceed the threshold temperature, the "no" path is followed to the end of the process at step 340.

Flowchart 330 notes that a physical attack is detected when the temperature difference exceeds a threshold temperature while a particular instruction is executed. One of the temperatures measured while the instruction is executed may be the ambient temperature, or both may be from particular areas of the integrated circuit 100 or areas affected by a physical attack.

In some cases, a physical attack may be detected because the difference between three or more temperature measurements exceeds a threshold while a particular instruction is executed.

It should be noted that this description is not limited to multiple temperature measurements. For example, when the processing area 110 executes an instruction, a temperature measurement from an area more likely to be damaged by a physical attack that exceeds a particular temperature by a predetermined amount may indicate that a physical attack has been detected. In other words, when the processing area 110 executes a particular instruction and an absolute temperature measurement exceeds a particular temperature, this may indicate that a physical attack has been detected.

FIG. 4 shows a table. In one embodiment, the table is stored in the storage area 105. The table may be stored in the secure part of the storage area 105 to protect its integrity. The table may be any data structure that associates an instruction run by the processing area 110 with the expected temperatures at the first temperature sensor 120, the second temperature sensor 125, the third temperature sensor 205 and the fourth temperature sensor 210. In other words, the table stores the expected temperature at each temperature sensor when the processing area 110 executes a particular instruction and the heat dissipation material is intact. These expected temperatures are the absolute temperatures at each temperature sensor for a given ambient temperature.

As in the embodiment above, the difference between two measured temperatures is used to determine whether a physical attack has occurred. Considering the temperature difference is particularly effective at mitigating the influence of the ambient temperature. In other words, if absolute temperature is used, then in a hot environment the absolute temperature may exceed the threshold even though no physical attack has occurred. When the difference between two measured temperatures is used to detect a physical attack, the influence of the surrounding ambient temperature is reduced. This lowers the likelihood of an error in detecting a physical attack.

In the example table of FIG. 4, when the instruction executed by the processing area 110 is the application cryptogram instruction and the heat dissipation material is intact, the first temperature measured by the first temperature sensor 120 is 55 degrees Celsius, the second temperature measured by the second temperature sensor 125 is 85 degrees Celsius, the third temperature measured by the third temperature sensor 205 is 45 degrees Celsius, and the fourth temperature measured by the fourth temperature sensor 210 is 40 degrees Celsius. This temperature distribution indicates that the instruction is being executed by the processing area 110. In other words, when the application cryptogram instruction runs, the processing area 110 receives the cryptographic key from the secure part of the storage area 105. Because this is a complex command, it requires intensive operation of the processing area 110, which means the second temperature (the temperature associated with the processing area 110) will be high. In addition, the first temperature (the temperature associated with the storage area 105) rises while the secure part of the storage area 105 is operating.

Because the communication circuit 115 and the non-secure part of the storage area 105 are not operating intensively, the third and fourth measured temperatures are approximately the ambient temperature.

In the example table of FIG. 4, when the instruction executed by the processing area 110 is a command to confirm the card reader and the heat dissipation material is intact, the first temperature measured by the first temperature sensor 120 is 40 degrees Celsius, the second temperature measured by the second temperature sensor 125 is 55 degrees Celsius, the third temperature measured by the third temperature sensor is 40 degrees Celsius, and the fourth temperature measured by the fourth temperature sensor 210 is 70 degrees Celsius. Again, this temperature distribution indicates that the instruction is being executed by the processing area 110. Specifically, the command to confirm the card reader does not need to access the secure part of the storage area 105, so the first temperature measured by the first temperature sensor 120 is approximately the ambient temperature. Because the instruction is not complex, the processing area 110 does not need to operate intensively. This means the second temperature (the temperature of the processing area 110) is low compared with its temperature during a complex operation. Furthermore, because the non-secure part of the storage area 105 is not needed to process the command to confirm the card reader, the third temperature, associated with the non-secure part of the storage area 105, is low. Finally, because the communication circuit 115 must communicate with the card reader to process the instruction, the temperature of the communication circuit 115 measured by the fourth temperature sensor 210 rises.

Accordingly, the table of FIG. 4 contains the predetermined temperature associated with each temperature sensor when a specific instruction runs on the processing area 110 and the integrated circuit 100 has its heat-dissipation material intact. The difference between any two of the stored temperatures is the predefined temperature difference.

Therefore, returning to step 330 of FIG. 3, for the integrated circuit 100 in which the processing area 110 is running a specific instruction, the temperature difference between two measured temperatures is determined. This is compared with the predetermined temperature difference between the two measured temperatures stored in the table of FIG. 4 for the same instruction. For example, if the difference between the two measured temperatures is above a threshold of 10% of the predetermined temperature difference, the process proceeds to step 335. Otherwise, if the measured temperature is less than or equal to the threshold, the process proceeds to step 340, as explained in connection with FIG. 3. Of course, although the foregoing uses a threshold of 10% above the predetermined temperature difference as an example, this description is not so limited. The difference may be a different percentage or an absolute value.
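The step 330 comparison can be sketched in C as follows. This is an added example, not code from the patent: it uses the verify-card-reader temperatures given above as the stored row, and it assumes that every sensor pair is checked, that "above the threshold" means the measured difference departs from the predefined difference by more than the margin in either direction, and that a hypothetical absolute floor (`abs_floor_c`) covers pairs whose predefined difference is zero.

```c
#include <stdio.h>
#include <stdlib.h>

#define NUM_SENSORS 4   /* sensors 120, 125, 205, 210 */

/* One row of a FIG. 4 style table: temperatures (deg C) stored for one
 * instruction running on an intact integrated circuit. */
struct baseline {
    const char *instruction;
    int temp_c[NUM_SENSORS];
};

/* The verify-card-reader row, using the values given in the description. */
static const struct baseline VERIFY_READER = {
    "verify card reader", {40, 55, 40, 70}
};

/* percent comes from the text's 10% example; abs_floor_c is an assumed
 * absolute margin for pairs whose predefined difference is near zero. */
struct policy {
    int percent;
    int abs_floor_c;
};

enum next_step { STEP_335 = 335, STEP_340 = 340 };

/* Returns 1 when the difference between sensors i and j departs from the
 * predefined difference by more than the allowed margin (assumed reading
 * of the threshold: deviation in either direction). */
static int pair_deviates(const struct baseline *b, const int *measured,
                         int i, int j, const struct policy *p)
{
    int predefined = b->temp_c[i] - b->temp_c[j];
    int observed = measured[i] - measured[j];
    /* Scale by 100 so the percentage needs no floating point. */
    int deviation_x100 = abs(observed - predefined) * 100;
    int allowed_x100 = abs(predefined) * p->percent;
    if (allowed_x100 < p->abs_floor_c * 100)
        allowed_x100 = p->abs_floor_c * 100;
    return deviation_x100 > allowed_x100;
}

/* Checks every sensor pair and returns how many are out of profile. */
int count_deviating_pairs(const struct baseline *b, const int *measured,
                          const struct policy *p)
{
    int count = 0;
    for (int i = 0; i < NUM_SENSORS; i++)
        for (int j = i + 1; j < NUM_SENSORS; j++)
            count += pair_deviates(b, measured, i, j, p);
    return count;
}

/* Step 330 decision: any out-of-profile pair sends the flow to step 335. */
enum next_step step_330(const struct baseline *b, const int *measured,
                        const struct policy *p)
{
    return count_deviating_pairs(b, measured, p) > 0 ? STEP_335 : STEP_340;
}

int main(void)
{
    const struct policy pol = {10, 2};
    const int shifted[NUM_SENSORS] = {50, 65, 50, 80}; /* constructed: +10 C ambient */
    const int hot[NUM_SENSORS] = {40, 70, 40, 70};     /* constructed: sensor 125 +15 C */
    printf("%s: shifted -> %d, hot -> %d\n", VERIFY_READER.instruction,
           step_330(&VERIFY_READER, shifted, &pol),
           step_330(&VERIFY_READER, hot, &pol));
    return 0;
}
```

Because only differences are compared, a uniform change in ambient temperature leaves the result unchanged, while a pure percentage margin with no floor flags a 1 °C reading change on the two sensors that both sit at 40 °C in the stored row.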

As explained in the embodiments above, when the integrated circuit 100 executes an instruction, the temperature of each part is characteristic of the integrated circuit 100. This means that, although the above describes determining whether heat-dissipation material has been removed from the semiconductor die, this description is not so limited. For example, in some situations it is necessary to ensure that instructions are executed only on a specific (that is, legitimate) integrated circuit. To prevent individuals from executing the instructions on other integrated circuits, a system similar to the one described above can be used. In other words, the temperature of one or more parts of the integrated circuit can be measured while an instruction is executed and compared with a predetermined temperature for a legitimate integrated circuit executing the same instruction, and an event is then triggered when the measured temperature is above a threshold. This is useful if a manufacturer wants software to run only on specific, certified integrated circuits. The above technique can therefore be used to identify when such software is running on an uncertified integrated circuit, because the temperature when the software executes an instruction on an uncertified integrated circuit differs from the temperature when the instruction is executed on a certified integrated circuit.

Obviously, numerous modifications and variations of this description are possible in light of the above teachings. It is therefore to be understood that, within the scope of the appended claims, this description may be practised otherwise than as specifically described here.

In so far as embodiments of this description have been described as being implemented by software-controlled data processing apparatus, it will be appreciated that a non-transitory machine-readable medium carrying such software, such as an optical disc, a magnetic disk, semiconductor memory or the like, is also considered to represent an embodiment of this description.

It will be appreciated that the above description has, for clarity, referred to different functional units, circuits and/or processors. However, it will be apparent that any distribution of functionality between different functional units, circuits and/or processors may be used without departing from the embodiments.

The described embodiments may be implemented in any suitable form, including hardware, software, firmware or any combination of these. The described embodiments may optionally be implemented at least partly as computer software running on one or more data processors and/or digital signal processors. The elements and components of any embodiment may be physically, functionally and logically implemented in any suitable way. Indeed, the functionality may be implemented in a single unit, in a plurality of units, or as part of other functional units. As such, the embodiments of this description may be implemented in a single unit or may be physically and functionally distributed between different units, circuits and/or processors.

Although this description has described a number of embodiments, it is not intended to be limited to the specific form set forth here. In addition, although features of this description have been described in connection with particular embodiments, those skilled in the art will appreciate that the various features of the described embodiments may be combined with any suitable implementation technique.

Embodiments of this description may be defined according to the following numbered clauses:

1. An integrated circuit, comprising: a processing area configured to execute one of a plurality of instructions; and a first temperature measurement area configured to measure a first temperature of the integrated circuit when the processing area executes the instruction, wherein: when the processing area executes an instruction, the processing area is configured to compare the first measured temperature of the first temperature measurement area with a predetermined temperature, wherein when the first measured temperature exceeds the predetermined temperature by a threshold, the processing area triggers an event.

2. The integrated circuit according to clause 1, further comprising: a second temperature measurement area configured to measure a second temperature of the integrated circuit when the processing area executes the instruction, wherein when the difference between the first measured temperature and the second measured temperature exceeds a predefined temperature difference by a preset value, the processing area triggers an event.

3. The integrated circuit according to clause 1 or 2, wherein the event is the detection of a physical attack on the integrated circuit.

4. The integrated circuit according to clause 3, further comprising: a storage area including a secure area and a non-secure area, wherein when the physical attack event is detected, the processing area is configured to delete the data in the secure area.

5. A method of detecting a physical attack on an integrated circuit, comprising the steps of: executing one of a plurality of instructions; measuring a first temperature of the integrated circuit when the instruction is executed; when the instruction is executed, comparing the first temperature with a predetermined temperature for the first temperature measurement area; and triggering an event when the first measured temperature exceeds the predetermined temperature by a threshold.

6. The method of detecting a physical attack on an integrated circuit according to clause 5, further comprising: measuring a second temperature of the integrated circuit when the instruction is executed; and triggering the event when the difference between the first measured temperature and the second measured temperature exceeds a predetermined temperature difference by a preset value.

7. The method of detecting a physical attack on an integrated circuit according to clause 5 or 6, wherein the event is the detection of a physical attack on the integrated circuit.

8. The method of detecting a physical attack on an integrated circuit according to clause 7, wherein when the physical attack event is detected, the method is configured to delete the data in a secure area of the integrated circuit.

9. A computer program comprising computer-readable instructions which, when the program is loaded onto a computer, configure the computer to perform the method according to any one of clauses 5 to 8.

100: integrated circuit
105: storage area
110: processing area
115: communication area
120: first temperature sensor
125: second temperature sensor
205: third temperature sensor
210: fourth temperature sensor
300: flow chart
305, 310, 315, 320, 325, 330, 335, 340: steps

A more complete understanding of this description and many of its attendant advantages will be obtained by reference to the following detailed description when considered in connection with the accompanying drawings, in which:
FIG. 1 and FIG. 2 each show an integrated circuit according to embodiments of this description;
FIG. 3 shows a flow chart according to an embodiment of this description;
FIG. 4 shows a table of the temperatures stored in the embodiment of FIG. 3.


Claims (9)

1. An integrated circuit, comprising: a processing area configured to execute one of a plurality of instructions; and a first temperature measurement area configured to measure a first temperature of the integrated circuit when the processing area executes the instruction, wherein: when the processing area executes an instruction, the processing area is configured to compare the first measured temperature of the first temperature measurement area with a predetermined temperature, wherein when the first measured temperature exceeds the predetermined temperature by a threshold, the processing area triggers an event.

2. The integrated circuit according to claim 1, further comprising: a second temperature measurement area configured to measure a second temperature of the integrated circuit when the processing area executes the instruction, wherein when the difference between the first measured temperature and the second measured temperature exceeds a predetermined temperature difference by a preset value, the processing area triggers an event.

3. The integrated circuit according to claim 1 or 2, wherein the event is the detection of a physical attack on the integrated circuit.

4. The integrated circuit according to claim 3, further comprising: a storage area including a secure area and a non-secure area, wherein when the physical attack event is detected, the processing area is configured to delete the data in the secure area.

5. A method of detecting a physical attack on an integrated circuit, comprising the steps of: executing one of a plurality of instructions; measuring a first temperature of the integrated circuit when the instruction is executed; when the instruction is executed, comparing the first temperature with a predetermined temperature for the first temperature measurement area; and triggering an event when the first measured temperature exceeds the predetermined temperature by a threshold.

6. The method of detecting a physical attack on an integrated circuit according to claim 5, further comprising: measuring a second temperature of the integrated circuit when the instruction is executed; and triggering the event when the difference between the first measured temperature and the second measured temperature exceeds a predetermined temperature difference by a preset value.

7. The method of detecting a physical attack on an integrated circuit according to claim 5 or 6, wherein the event is the detection of a physical attack on the integrated circuit.

8. The method of detecting a physical attack on an integrated circuit according to claim 7, wherein when the physical attack event is detected, the method is configured to delete the data in a secure area of the integrated circuit.

9. A computer program comprising computer-readable instructions which, when the program is loaded onto a computer, configure the computer to perform the method according to any one of claims 5 to 8.
TW108141447A 2018-12-06 2019-11-14 An integrated circuit, method and computer program TWI723632B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP18210773.0 2018-12-06
EP18210773.0A EP3663959B1 (en) 2018-12-06 2018-12-06 An integrated circuit, method and computer program

Publications (2)

Publication Number Publication Date
TW202036350A true TW202036350A (en) 2020-10-01
TWI723632B TWI723632B (en) 2021-04-01

Family

ID=64661087

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108141447A TWI723632B (en) 2018-12-06 2019-11-14 An integrated circuit, method and computer program

Country Status (4)

Country Link
US (1) US11842969B2 (en)
EP (1) EP3663959B1 (en)
CN (1) CN111291428B (en)
TW (1) TWI723632B (en)


Also Published As

Publication number Publication date
EP3663959B1 (en) 2021-08-11
US11842969B2 (en) 2023-12-12
CN111291428A (en) 2020-06-16
TWI723632B (en) 2021-04-01
CN111291428B (en) 2024-08-09
EP3663959A1 (en) 2020-06-10
US20200185339A1 (en) 2020-06-11

TW202336619A (en) Electronic device with security circuit and security memory